Privacy policy
What Aidvio collects when you install it, how it is used, who it is shared with, and how long it is kept.
Effective date: July 14, 2026 Last updated: July 14, 2026
Aidvio ("the App", "we", "us") is a Shopify embedded application operated by IT Geeks ("the Company") that helps merchants analyze, score, and enhance their product listings with AI, track how their products rank in AI-driven catalog search, and run automated SEO audits of their storefront.
This policy explains what information the App collects when you install it on your Shopify store, how that information is used, who it is shared with, how long it is kept, and the choices you have. By installing or using the App you agree to the practices described here.
1. Information we collect
When you install and use the App, we collect and store the following information.
Store information
- Your Shopify store domain (
your-store.myshopify.com) - Store name, store email, and contact email
- Store currency and Shopify subscription plan name
- A Shopify access token that lets the App read and update your products through the Shopify Admin API (issued and rotated by Shopify; scoped only to the permissions you approve at install)
Product and catalog data
- Product titles, descriptions, tags, images (URLs), variants, prices, categories, and SEO metadata — read from your store to analyze and score listings
- AI-generated enhancement drafts and the analysis scores for each product
- Product taxonomy matches and extracted product attributes
- Catalog-rank measurements: where your products appear in Shopify's global catalog search for the queries you track
Brand profile (onboarding answers)
- The answers you provide during onboarding: industry, target audience, brand tone, product requirements, competitors, terms to avoid, price range, and similar brand context — used solely to tailor AI-generated content to your brand
Website audit data
- If you use the SEO audit features, the App crawls your own storefront's public pages and stores page-level SEO data (titles, headings, metadata, links, keywords, rankings) for your store's URL
Usage and plan data
- Your selected App subscription plan and its billing state (including the Shopify subscription ID when billing is enabled)
- Monthly usage counters (number of analyses, enhancements, and chat messages used) to enforce plan limits
Chat assistant data
- Messages you send to the in-app chat assistant, retained to provide conversation history
Technical data
- Webhook delivery IDs (for de-duplication), request logs, and error diagnostics necessary to operate the App securely and reliably
2. Information we do NOT collect
- We do not collect, store, or process your customers' personal data. The App works only with your product catalog and your storefront's public pages. No customer names, emails, addresses, orders, or payment details are stored by the App.
- We do not collect your Shopify account password. Authentication is handled entirely by Shopify.
- We do not sell or rent any data to third parties.
Because no customer personal data is stored, Shopify's mandatory customers/data_request and customers/redact privacy webhooks are acknowledged with "no data held" — there is nothing to export or erase for individual customers.
3. How we use your information
We use the collected information exclusively to provide the App's features:
- Analyze and score your product listings and generate suggested improvements
- Write approved enhancements back to your Shopify store (only when you apply them)
- Track your products' positions in AI-driven catalog search and monitor competitors you choose to follow
- Run scheduled SEO audits of your storefront and show the results
- Personalize AI-generated content using your brand profile
- Enforce your subscription plan's entitlements and usage limits
- Operate, secure, debug, and improve the App
We do not use your data for advertising, and we do not train our own AI models on your data.
4. AI processing disclosure
The App uses third-party large language model (LLM) providers to generate analyses and content. When you run an analysis or enhancement, the relevant product content (for example a product's title, description, tags, and your brand-profile context) is sent to one of our AI providers to produce the result. Access tokens, store credentials, and billing data are never sent to AI providers.
Current AI providers: NVIDIA (AI inference endpoints), OpenAI, and Groq. Requests are processed via their APIs under their respective data-processing terms; we use API tiers that do not use submitted data for model training.
5. Third-party services (subprocessors)
| Service | Purpose | Data involved | |---|---|---| | Shopify | Platform, authentication, Admin API, billing | Store data, products, access token | | NVIDIA / OpenAI / Groq | AI analysis and content generation | Product content, brand profile context | | SearchAPI (searchapi.io) | Google search ranking checks for SEO audits | Your storefront URL and tracked keywords | | Neon (PostgreSQL) | Primary database hosting | All stored data listed in Section 1 | | Redis Cloud | Background job queue and rate limiting | Job identifiers, transient task data | | Hugging Face (inference endpoint) | Text embeddings for taxonomy matching and in-app help search | Product/category text fragments |
Each provider processes data only as needed to deliver its function and is bound by its own data-processing agreement.
6. Data retention and deletion
- While the App is installed: your data is retained so the App can show history, trends, and scheduled results.
- Chat messages: automatically deleted after 90 days.
- When you uninstall the App: we receive Shopify's
app/uninstalledwebhook and immediately and automatically delete all of your store's data — product analyses, enhancements, brand profile, settings, chat history, usage records, SEO audit data (crawled pages, keywords, rankings, schedules), and your access token. - Shop redaction (GDPR): Shopify additionally sends a
shop/redactwebhook around 48 hours after uninstall; our deletion runs again idempotently, guaranteeing nothing remains. - Backups age out on the hosting providers' standard rotation schedules.
You may also request deletion at any time while the App is installed by contacting us (Section 10).
7. Your privacy rights (GDPR / CCPA and similar laws)
Depending on your location, you may have the right to:
- Access the personal data we hold about you and your store
- Correct inaccurate data
- Delete your data ("right to be forgotten")
- Export your data in a portable format
- Object to or restrict certain processing
The App implements all of Shopify's mandatory privacy webhooks (customers/data_request, customers/redact, shop/redact) with verified HMAC signatures, and honors them automatically. For any other request, contact us at the address in Section 10 — we respond within 30 days.
8. Security
- All data in transit is encrypted with TLS/HTTPS; databases are encrypted at rest by our hosting providers.
- Every request from the App's interface is authenticated with short-lived, cryptographically signed Shopify session tokens; every webhook is verified with HMAC-SHA256 signatures, and requests with invalid signatures are rejected.
- Shopify access tokens are expiring tokens (rotated automatically by Shopify) and are never exposed to the browser, logs, or third parties.
- Access to production systems is restricted to authorized personnel.
- Destructive administrative operations require a separate admin credential and fail closed when it is not configured.
No method of transmission or storage is 100% secure; we cannot guarantee absolute security, but we follow industry-standard practices and Shopify's security requirements.
9. International data transfers
Our infrastructure providers may store and process data in data centers located in different countries (including the United States and India). Where data is transferred across borders, it is protected by the safeguards in our providers' data-processing agreements (including standard contractual clauses where applicable).
10. Contact us
For any privacy question, data access, correction, export, or deletion request:
- Email: ai@itgeeks.com
- Company: IT Geeks
We respond to privacy requests within 30 days.
11. Changes to this policy
We may update this policy as the App evolves. Material changes will be reflected by updating the "Last updated" date above, and — where the change significantly affects how your data is handled — by an in-app notice. Continued use of the App after a change constitutes acceptance of the updated policy.
This policy describes the App's actual data handling as implemented. It is provided as a starting point and should be reviewed by your legal counsel before publication, and completed with your registered company address and any region-specific disclosures that apply to your business.